Improve descriptions that mention handles and fix incorrect mention of psa_create_key

This commit is contained in:
Adrian L. Shaw 2019-05-15 11:36:13 +01:00 committed by Gilles Peskine
parent 67e1c7ac80
commit d56456cbe8
2 changed files with 11 additions and 12 deletions

View File

@ -539,9 +539,10 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
* @{ * @{
*/ */
/** Get a handle to an existing persistent key. /** Open a handle to an existing persistent key.
* *
* Get a handle to a key which was previously created with psa_create_key(). * Open a handle to a key which was previously created with
* psa_make_key_persistent() when setting its attributes.
* *
* Implementations may provide additional keys that can be opened with * Implementations may provide additional keys that can be opened with
* psa_open_key(). Such keys have a key identifier in the vendor range, * psa_open_key(). Such keys have a key identifier in the vendor range,
@ -669,8 +670,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
* *
* This function destroys a key from both volatile * This function destroys a key from both volatile
* memory and, if applicable, non-volatile storage. Implementations shall * memory and, if applicable, non-volatile storage. Implementations shall
* make a best effort to ensure that any previous content of the handle is * make a best effort to ensure that that the key material cannot be recovered.
* unrecoverable.
* *
* This function also erases any metadata such as policies and frees all * This function also erases any metadata such as policies and frees all
* resources associated with the key. * resources associated with the key.
@ -678,7 +678,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
* \param handle Handle to the key to erase. * \param handle Handle to the key to erase.
* *
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
* The handle's content, if any, has been erased. * The key material has been erased.
* \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_NOT_PERMITTED
* The handle holds content and cannot be erased because it is * The handle holds content and cannot be erased because it is
* read-only, either due to a policy or due to physical restrictions. * read-only, either due to a policy or due to physical restrictions.

View File

@ -107,7 +107,11 @@
* Implementations shall not return this error code to indicate * Implementations shall not return this error code to indicate
* that a key either exists or not, * that a key either exists or not,
* but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
* as applicable. */ * as applicable.
*
* Implementations shall not return this error code to indicate that a
* key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
* instead. */
#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) #define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
/** The parameters passed to the function are invalid. /** The parameters passed to the function are invalid.
@ -115,12 +119,7 @@
* Implementations may return this error any time a parameter or * Implementations may return this error any time a parameter or
* combination of parameters are recognized as invalid. * combination of parameters are recognized as invalid.
* *
* Implementations shall not return this error code to indicate * Implementations shall not return this error code to indicate that a
* that a key either exists or not,
* but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
* as applicable.
*
* Implementation shall not return this error code to indicate that a
* key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
* instead. * instead.
*/ */